Researchers from Trend Micro have spotted a piece of malicious software for Android. This is the first known Android malware that reads blog posts and interprets these as commands. It can also download and install additional applications, therefore further compromising the affected device.
Trend Micro calls the malware "ANDROIDOS_ANSERVER.A." If the application is installed, it asks for a variety of permissions. If those are granted, it can then make calls, read log files, write and receive SMSes and access the Internet and network settings, among other functions. This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
"This is a blog site with encrypted content, which based on our research, is the first time Android malware implemented this kind of technique to communicate," wrote Karl Dominguez, a Trend Micro threat response engineer.
We recommend that users should be cautious when downloading Android applications from third party application stores due to the number of rogue applications that have been found.
Trend Micro calls the malware "ANDROIDOS_ANSERVER.A." If the application is installed, it asks for a variety of permissions. If those are granted, it can then make calls, read log files, write and receive SMSes and access the Internet and network settings, among other functions. This backdoor may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
"This is a blog site with encrypted content, which based on our research, is the first time Android malware implemented this kind of technique to communicate," wrote Karl Dominguez, a Trend Micro threat response engineer.
We recommend that users should be cautious when downloading Android applications from third party application stores due to the number of rogue applications that have been found.